Cloud-native Security Operations Center.

Secure your cloud

Security in the cloud is a shared responsibility. Public cloud providers, such as Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure, make it clear that while they secure the infrastructure, you must ensure secure configuration of the cloud platform services, operating systems, containers and applications you run. As public cloud usage is exploding while employees with cloud skills are hard to hire, many organisations are looking for security-as-a-service solutions.

Application and cloud platform security

Public cloud has reduced the time and effort it takes to create software. Many organisations have therefore chosen the cloud as their default development platform, leading to a very rapid expansion of software deployments. As business moves online, malicious actors are increasingly targeting applications as the attack vector. Hyperscale cloud providers (AWS, Azure and GCP) provide extremely robust and secure datacenter and infrastructure platforms, which are much more difficult to exploit than the applications running there.

DevOps teams use automation to deploy to the cloud. A typical hyperscale cloud provider has over 150 services that can be launched. It is inevitable that some deviations from security standards and best practices occur from time to time. Therefore all organisations need a capability to quickly detect and remediate platform-level issues such as S3 buckets accidentally opened to the internet or permissive network security groups.

It’s clear that organisations need a cloud security remediation capability. However, the SOC built for their legacy environment is unable to meet the challenges of public cloud security. A typical SOC is focused on aggregating events from endpoints, network devices and so on in the on-premise world. The toolset used to aggregate events is not cloud native or integrated with the provider platform. Legacy SOCs tend to lack hands-on public cloud skills. An even worse problem is the lack of customisation in alerting design and the inability to provide application security.

Nordcloud Cloud-native SOC (BETA)

Nordcloud is proud to announce the industry-first cloud-only SOC offering that meets the challenges of application security and platform security. Initially the service supports AWS and Azure, with Google Cloud Platform planned in the future.

Cloud-native SOC is a new service in Beta that captures, alerts on and remediates your high-priority security events 24×7. The SOC includes application threat modelling and alerting design, ensuring that mitigations and highly customised alerting are in place where your environment has the most risk.

Application threat modelling

Nordcloud SOC works regularly with your application teams to embed threat and security awareness and to ensure mitigations and meaningful alerting are in place. It improves security outcomes compared to traditional MSSP solutions via native cloud support and customised application alerting. The SOC enables developers to use the same tooling, investigation tools and visibility that security analysts use – thereby making it faster to investigate and resolve issues. In addition to the security tooling provided by AWS and Azure, Nordcloud partners with the leading log intelligence platform Sumo Logic to deliver a modern, developer-friendly security alert and investigation experience. The SOC service includes regular Game Days for attack simulation and detection verification.

Incident remediation

Nordcloud SOC is integrated with our AWS, Azure and GCP certified Managed Services offering, so where applicable the SOC can remediate issues instead of just investigating and escalating back to the customer. This enables your internal teams to spend more time running the business and developing applications.

Start your cloud-native security journey with cloud-born experts

1. A holistic approach to cloud-native security

Nordcloud Security Operations Center (NC SOC) is a security-as-a-service offering that combines threat detection and remediation for infrastructure and applications across multiple cloud environments on a 24×7 basis. NC SOC includes threat modelling and alerting design, ensuring that mitigations and highly customised alerting are in place where your environment is most at risk.

2. Application-level threat modelling

Nordcloud’s SOC works in tandem with your application teams to embed threat and security awareness, ensuring mitigations and meaningful alerting are in place at the development stage. We improve security operations compared to a traditional MSSP via native cloud support and customised application alerting. The service enables developers to use the same tooling, investigation tools and visibility that security analysts use, thereby making it faster to investigate and remediate issues. The service includes regular Game Days for attack simulation and detection verification.